1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
California Attorney General Rob Bonta filed a lawsuit against the U.S. Department of Education to block the expansion of IPEDS data collection requiring colleges to submit race-linked student data. The lawsuit argues the demand is arbitrary, capricious, and burdensome, and could enable costly partisan investigations. A multistate coalition co-led the challenge.
California Attorney General Rob Bonta and a coalition of state attorneys general announced they will continue their antitrust lawsuit against Live Nation/Ticketmaster after the U.S. Department of Justice settled the case. The states aim to hold Live Nation accountable for anticompetitive conduct that harms consumers, artists, and venues in the live music industry.
California Attorney General Rob Bonta, co-leading a bipartisan coalition of 21 attorneys general and charitable regulators, sent a letter to GoFundMe demanding the platform remove all plagiarized donation web pages for over 1.4 million charities, disclose information about donations, and ensure pages do not outrank official charity sites in search results. The action follows reports that GoFundMe used charities' information without consent and engaged in deceptive solicitations, violating state charitable solicitation and consumer protection laws.
California Attorney General Rob Bonta sent a letter to the U.S. Department of Health and Human Services opposing a proposed rule that would eliminate model card requirements for AI tools in healthcare, warning that such rollbacks could lead to biased and unsafe healthcare decisions by reducing transparency.
California Attorney General Rob Bonta announced an investigative sweep targeting businesses that use surveillance pricing, which involves setting individualized prices based on consumer data. The Department of Justice is sending information request letters to companies in the retail, grocery, and hotel sectors to assess compliance with the CCPA's purpose limitation principle. This action seeks to ensure that consumers are not charged different prices without proper disclosure and that businesses adhere to privacy laws.
California Attorney General Rob Bonta joined a multistate coalition in filing an amicus brief opposing the U.S. Department of Justice's subpoena for patient records from University of Pittsburgh Medical Center related to gender-affirming care. The brief argues that the subpoena violates patient privacy, infringes on states' rights to regulate medicine, and exceeds DOJ's statutory authority.
California Attorney General Rob Bonta, alongside attorneys general from New York, Colorado, Illinois, and Minnesota, filed a motion for preliminary injunction to continue blocking the Trump Administration's unlawful freeze of $10 billion in federal funding for child care and family assistance programs and to prevent broad data requests for personally identifiable information of millions of residents. The funding freeze targets five Democratic-led states without evidence of fraud, and the data requests are part of the challenged unlawful actions. A temporary restraining order was previously granted blocking these measures.
California Attorney General Rob Bonta announced an investigation into xAI for its Grok AI model generating nonconsensual sexual images of women and children, including child sexual abuse material. The AG expressed deep concern and zero tolerance, urging immediate action to prevent further
CalPrivacy issued Enforcement Advisory No. 2025-01 to remind data brokers of their annual registration obligations under California's Delete Act, including disclosing all trade names and websites and registering independently rather than through a parent company. The advisory warns that failures to comply may result in administrative fines of $200 per day, plus fees and recovery costs. It also highlights the upcoming Delete Request and Opt-Out Platform (DROP) launching January 1, 2026.
The California Privacy Protection Agency fined ROR Partners LLC $56,600 for failing to register as a data broker under the Delete Act. The Nevada-based marketing firm must pay the fine and past-due fees. This action is part of CalPrivacy's enforcement against unregistered data brokers.
$57K
California Attorney General Rob Bonta joined 20 attorneys general in filing an amicus brief to quash a U.S. DOJ administrative subpoena seeking sensitive medical records and personally identifying information of adolescent patients receiving gender-affirming care at Children's Hospital Colorado. The brief argues the subpoena violates states' rights to regulate medicine under the Tenth Amendment and misinterprets the Food, Drug, and Cosmetic Act, which would harm off-label drug use across all medical fields.
California Attorney General Rob Bonta announced Phase 2 of Operation Robocall Roundup, a multistate investigation targeting four major voice service providers—Inteliquent, Bandwidth, Peerless, and Lumen—for routing suspected illegal robocalls. The Anti-Robocall Multistate Litigation Task Force sent warning letters demanding they stop transmitting such calls, following Phase 1 which already led to some providers being removed from the FCC's database. The AG emphasized that these companies have a heightened responsibility to block call traffic from known bad actors.
California Attorney General Rob Bonta co-led a coalition of 18 attorneys general in submitting a comment letter opposing the Department of Homeland Security's expansion of the Systematic Alien Verification for Entitlements (SAVE) program to include U.S.-born citizens. The coalition argues the expansion violates the Privacy Act of 1974, creates a massive surveillance database, increases data breach risks, and will lead to inaccurate verifications and denial of benefits.
California Attorney General Rob Bonta joined a bipartisan coalition of 36 state attorneys general in sending a letter to Congress opposing a proposed provision in the National Defense Authorization Act that would preempt state laws addressing AI risks. The coalition argues that states must retain authority to mitigate AI harms, particularly to children, and that state-level enforcement is critical for protecting residents from emerging threats like deepfakes and harmful AI interactions.
The California Privacy Protection Agency (CalPrivacy) announced the creation of a Data Broker Enforcement Strike Force to investigate privacy violations by data brokers under the CCPA and Delete Act. The strike force will focus on compliance with registration requirements and other obligations, building on previous enforcement actions to increase accountability.
California Attorney General Rob Bonta issued an informational bulletin summarizing new responsibilities under SB 81, which expands protections for immigrants' medical information by designating immigration status as protected data under the Confidentiality of Medical Information Act (CMIA) and restricts immigration enforcement access to non-public areas of healthcare facilities.
California Attorney General Rob Bonta joined 15 attorneys general in filing an amicus brief to limit a U.S. DOJ subpoena seeking medical records of transgender youth from Children's Hospital of Philadelphia, arguing it violates patient privacy and could intimidate providers of gender-affirming care.
The California Attorney General conducted an investigation into OpenAI's recapitalization plan and secured a memorandum of understanding ensuring charitable assets are used for their intended purpose, safety is prioritized, and OpenAI remains in California. The AG will not oppose the plan and will monitor ongoing adherence to these commitments.
California Attorney General Rob Bonta led a coalition of 18 attorneys general in submitting a comment letter opposing the U.S. Department of Education's proposal to collect extensive student data on race, admissions, and financial aid. The coalition argues the data collection is burdensome, unlikely to yield quality data, and may be misused to target lawful diversity, equity, and inclusion efforts.
California Attorney General Rob Bonta filed a lawsuit against the City of El Cajon for unlawfully sharing Automated License Plate Reader (ALPR) data with over 100 out-of-state law enforcement agencies, violating state law that restricts such data to California public agencies. The AG is seeking a court order to halt the sharing and compel compliance with state privacy protections.
The California Attorney General filed a complaint against Kaiser Foundation Health Plan, Inc. for improperly disposing of patient medical records containing protected health information. The records, including diagnoses and lab results, were found discarded at a recycling facility, violating patient privacy. The action alleges breaches of the California Confidentiality of Medical Information Act.
In 2013, the California Attorney General filed a complaint against Citibank, N.A. alleging that the bank failed to implement adequate security measures and did not properly notify customers about a data breach exposing personal and financial information. The complaint asserts violations of California's data breach notification law.
All data sourced from official government enforcement pages.